一 AFNetworking如何允许不通过证书验证访问https?
查了多种资料,试过很多方法,最终在stackoverflow中找到方法。
1 使用AFHTTPRequestOperation 和 AFHTTPRequestOperationManager 分别加上
- (void)setOpration:(AFHTTPRequestOperation *)opration
{
opration.securityPolicy.allowInvalidCertificates = YES;
}
- (void)managerSetOpration:(AFHTTPRequestOperationManager *)opration
{
opration.securityPolicy.allowInvalidCertificates = YES;
}
2 修改AFNetworking中修改源码,在AFSecurityPolicy.m注释掉这几句
- (BOOL)evaluateServerTrust:(SecTrustRef)serverTrust
forDomain:(NSString *)domain
{
// if (domain && self.allowInvalidCertificates && self.validatesDomainName && (self.SSLPinningMode == GMAFSSLPinningModeNone || [self.pinnedCertificates count] == 0)) {
// // https://developer.apple.com/library/mac/documentation/NetworkingInternet/Conceptual/NetworkingTopics/Articles/OverridingSSLChainValidationCorrectly.html
// // According to the docs, you should only trust your provided certs for evaluation.
// // Pinned certificates are added to the trust. Without pinned certificates,
// // there is nothing to evaluate against.
// //
// // From Apple Docs:
// // "Do not implicitly trust self-signed certificates as anchors (kSecTrustOptionImplicitAnchors).
// // Instead, add your own (self-signed) CA certificate to the list of trusted anchors."
// NSLog(@"In order to validate a domain name for self signed certificates, you MUST use pinning.");
// return NO;
// }
二 如果要使用自签名证书进行验证,请参照